The Equifax breach revealed on Thursday is more significant than other mega-breaches because of the nature of the data that was potentially exposed, says cybersecurity attorney Imran Ahmad.
"The quality of data potentially compromised is very valuable to cybercriminals," Ahmad says in an interview with Information Security Media Group. "What these guys are looking for is high value bits of information. The reason they like this type of data is because they can easily on the darknet sell these and create virtual profiles and sell them to others."
Equifax announced late Thursday that a web application flaw potentially exposed 143 million customer records to hackers. Those records include names, Social Security numbers, birthdays, addresses and in some cases, driver's license numbers.
Ahmad will be a featured speaker at ISMG's Toronto Fraud and Breach Prevention Summit on Tuesday, where he will address the Equifax incident and participate in a panel on the EU's General Data Protection Regulation.
In the interview (see audio link below photo), Ahmad also discusses:
- Why the Equifax breach is different from other massive data-loss incidents, including the Yahoo breach;
- The potential for litigation against Equifax;
- The controversy over how long it took Equifax to reveal the breach.
Ahmad is a business law partner in the Toronto office of Miller Thomson who specializes in the areas of cybersecurity, technology and privacy law.